 Java Secure coding guidelines

1. Use security APIs.
2. Always close open resources; use try-with-resources.
3. Use class loaders and policies for fine-grained access.
4. Always validate input format and input data.
5. Never grant unnecessary permissions to third-party code.
6. Never ignore exceptions.
7. Avoid duplication.
8. Document security information.
9. Encapsulate your changes.
10. Write clear code.
11. Do not log configuration information of your app.
12. Do not serialize security codes.
13. Always do negative testing against your code.
14. Use known and tested libraries.
15. Always use prepared statements to handle SQL parameters.
16. Don't reveal implementation details through overly specific error messages, for example "user ID failed" or "password failed".
17. Keep security releases up to date.
18. Look for dependency vulnerabilities.
19. Monitor and log user activity for brute-force attacks and denial of service.
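
Items 2, 4, 6, 15 and 16 applied together in one login check, as an added example that is not part of the original post. The class name, the `app_user` table and its columns, the user ID format, and the PBKDF2 parameters are assumptions made for illustration; the caller supplies the JDBC `Connection`.

```java
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public final class LoginCheck {
    // Item 16: one message for every failure, never "user ID failed" or "password failed".
    static final String GENERIC_FAILURE = "Invalid user ID or password.";
    // Assumed schema: app_user(user_id VARCHAR, salt VARBINARY NOT NULL, pw_hash VARBINARY NOT NULL)
    private static final String QUERY = "SELECT salt, pw_hash FROM app_user WHERE user_id = ?";
    private static final byte[] DUMMY_SALT = new byte[16];

    static String login(Connection conn, String userId, char[] password) {
        // Item 4: check the format (assumed here) before the value goes anywhere else.
        if (userId == null || password == null || !userId.matches("[A-Za-z0-9_.-]{3,64}")) {
            return GENERIC_FAILURE;
        }
        // Item 2: try-with-resources closes the statement and result set on every path.
        try (PreparedStatement ps = conn.prepareStatement(QUERY)) {
            ps.setString(1, userId); // Item 15: bound parameter, never string concatenation.
            try (ResultSet rs = ps.executeQuery()) {
                boolean found = rs.next();
                // Unknown users still cost one hash, so timing does not reveal which IDs exist.
                byte[] salt = found ? rs.getBytes("salt") : DUMMY_SALT;
                byte[] expected = found ? rs.getBytes("pw_hash") : new byte[32];
                boolean match = MessageDigest.isEqual(expected, hash(password, salt));
                return (found && match) ? "Login successful." : GENERIC_FAILURE;
            }
        } catch (SQLException | GeneralSecurityException e) {
            // Item 6: record the failure server-side; the user still sees only the generic text.
            Logger.getLogger("auth").log(Level.WARNING, "login check failed", e);
            return GENERIC_FAILURE;
        }
    }

    // PBKDF2 with an assumed iteration count and a 256-bit output.
    static byte[] hash(char[] password, byte[] salt) throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(password, salt, 210_000, 256);
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword(); // Wipe the password copy held by the key spec.
        }
    }
}
```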


